1
0
mirror of https://github.com/actix/actix-extras.git synced 2024-12-03 19:42:13 +01:00

Add secure field to removal cookie (#300)

Closes https://github.com/actix/actix-extras/issues/299
This commit is contained in:
Even O. Rogstadkjærnet 2022-11-08 10:29:23 +01:00 committed by GitHub
parent 1ac325ab79
commit 8fd166435f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 1 deletions

View File

@ -1,7 +1,9 @@
# Changes
## Unreleased - 2021-xx-xx
- Set secure attribute when adding a session removal cookie. [#300]
[#300]: https://github.com/actix/actix-extras/pull/300
## 0.7.2 - 2022-09-11
- Set SameSite attribute when adding a session removal cookie. [#284]

View File

@ -444,6 +444,7 @@ fn delete_session_cookie(
) -> Result<(), anyhow::Error> {
let removal_cookie = Cookie::build(config.name.clone(), "")
.path(config.path.clone())
.secure(config.secure)
.http_only(config.http_only)
.same_site(config.same_site);

View File

@ -48,7 +48,7 @@ async fn cookie_storage() -> std::io::Result<()> {
let deletion_cookie = logout_response.response().cookies().next().unwrap();
assert_eq!(deletion_cookie.name(), "id");
assert_eq!(deletion_cookie.path().unwrap(), "/test");
assert!(deletion_cookie.secure().is_none());
assert!(deletion_cookie.secure().unwrap());
assert!(deletion_cookie.http_only().unwrap());
assert_eq!(deletion_cookie.max_age().unwrap(), Duration::ZERO);
assert_eq!(deletion_cookie.domain().unwrap(), "localhost");